That’s right, add two lines of JavaScript onto your login form and you’ll be making your web site, and the world, a much safer place.

It’s convincing, until you look at the From address, view headers, and mouseover the button to discover a bit.ly link

An astonishing proportion of the web server traffic from which you’ve just fetched the page you’re reading now is scriptkiddies attempting to break in through brute-force password attacks. An even bigger problem for high-volume transactional sites like Paypal and Kiwibank is phishing, where attackers email you and lure you into entering your login credentials into a bogus site. The obvious and common solution to this problem is mandatory two-factor authentication (2FA), but it makes for a clunky user experience and is laborious to implement.

Auckland-based ThisData lets site owners take a different approach: continuous authentication. Only ask people to validate their identity if and when there’s a reason to doubt they’re really who they say they are. So for example if I have a usage pattern of logging in from the same city, with the same IP address, on the same browser, using the same cookie set, and do the same again, there’s an extremely good chance I am who I claim to be. On the other hand, if I suddenly log in from a different continent using a different operating system, or through TOR, you might want to double or triple check my credentials.

All of this is done with the addition of two lines of JavaScript on your login form, which hides a sophisticated back-end analysing geolocation, behavioral analytics, and secret sauce IP. For app and site owners, implementation effort is trivial with enormous and immediate payback.

Pricing starts at $99/month for 500 users, and goes up in usage tiers. They’re considering introducing a free usage tier to get people going. But it’s early days, and they’re still refining the pricing model.

Rich Chetwynd

Founder Rich Chetwynd has run the full startup cycle before. After founding educational software company Litmos in his bedroom, building it into an international concern, and selling it to US-based Callidus Software four years later, he decided it was time for a well-deserved break.

“I got bored though,” he says, “I wanted to ride the rocket again”.

So Chetwynd started Revert.io, a cloud backup solution. But very quickly he recognised that backups are the ambulance at the bottom of the cliff, and the much bigger and less well served opportunity was to prevent break-in and data loss in the first place.

Nick Malcolm

He pulled in CTO Nick Malcolm, one of NZ’s top Rails devs (and erstwhile cofounder of 2011 Startup Weekend Wellington legend usnap.us), and the dream team was born. You’d have to call the change from Revert.io to ThisData more of a reboot than a pivot, but it was a definitely the right move.

Chetwynd’s rocket is about to reach orbit. After the reboot in February 2015, they went on to raise $1.2m from a number of local and offshore angels alongside the Punakaiki fund, did a zoom-out pivot from working specifically with Google apps and Salesforce in February of 2016 to bringing this intelligence to any app. They’re now monitoring over 10,000 end users for a variety of customer types, and are about to onboard another 50,000 for their first big enterprise. They’re architected for scale on AWS, and ready to go much, much bigger.

As great as it sounds, they’re not at the stage yet where the solution sells itself. Building your customer base and distribution is always hard work, especially from New Zealand. Chetwynd spends roughly half his time in the US, and the rest of the time running the team from GridAKL.

Their overarching mission is to make the Internet a safer place for everyone. There are hundreds of thousands of insecure apps and sites in the wild. Chetwynd’s asks app and site owners to ask yourselves, how valuable is the data is your app or site protecting, and how adequately are your users protected?

Ask yourselves: how valuable is the data your app or site is protecting, and how adequately are your users protected?

If you’re the owner or investor in a transactional app or web site and your team is not protecting your company against attacks using a solution like ThisData, I’d want to know why.

The bottom line is that you can put on a sad face if you’re a script kiddie or spear phisher, but the rest of us will sleep easier at night.

Legendary seed investor and SoftechVC founder Jeff Clavier looks for companies to invest in that have “three asses”: A smart-ass team with a kick-ass solution in a big-ass market. ThisData are on a steep trajectory, with an all-star team with a simple-to-implement but difficult-to-replicate solution to a highly painful problem in a massive market.

I travel internationally by air a fair bit, but always worry about my checked luggage. Has it been “inspected” by security agencies? Have baggage handlers roughhoused my precious belongings?

Intrude A Lock is a simple but ingenious device which you can put into your suitcase before you go, and then query using your smartphone after arrival to answer these questions. It collects the required data (light and intense movement), and then reports this data back to your phone along with the time and date of the actions. The proposed RRP is NZD 70.

Elisha Fleming

Elisha Fleming is the 18 year old entrepreneur who came up with this idea a couple of years ago as a result of his own travel experiences, and talking to people who worried if their own bags had been tampered with. This year in January, he entered CreativeHQ’s Venture UP programme which, in partnership with the Young Enterprise Scheme, provides a six week accelerator to help entrepreneurial students commercialise their ideas between their final year of high school and their first year of university.

Elisha has just finished up at Garin College in Nelson with Merit in NCEA Level 3, and is on his way to doing a double-major in Finance and Entrepreneurship at Waikato University. His future didn’t always look so bright, however, as his family was told at an early age that due to medical issues, he’d never be able to succeed academically. Not willing to be held back, he carried on in school, but also started his own business trading goods on TradeMe, and managing his family’s property investment portfolio. Today, Elisha has a minor speech impediment, but he’s sharper and more savvy than many you’ll meet in business. “I’m always searching for a ‘yes’ rather than a ‘no’,” says Elisha, which has helped him learn incredible resilience.

At Venture UP, Elisha was joined by Hayden Washington Smith and Keith Toma, who were inspired by the product and mission. Hayden will continue on in the team as Director of Finance and Marketing, while he embarks on a law degree at Victoria University this year. Advisors include Glenn Andert and Matthias Andermatt.

The team completed the prototype during the programme, and are currently manufacturing a small pre-production run. They have managed to secure a trial with an overseas global brand in the transport industry who are interested in selling Intrude A Lock to their customers through their retail channel. They’ve also had significant interest from baggage manufacturers who want to incorporate the device into their products. Their main sales strategy focuses on channel development, using airlines, logistics companies, and manufacturers – they feel this is higher value and lower hassle than selling directly to consumers.

The trial should complete before the end March 2016, and Elisha is confident of success. If he pulls it off, that would mean he would be running an international manufacturing business from New Zealand at age 18. Longer term, they want to specialise to be the experts in protecting high value goods such as human tissue during transport.

Venture UP’s Programme Director Nick Churchouse had this to say about the team:

Elisha, Keith and Hayden were a stand out team at Venture UP – they boxed through more challenges than most. There are natural hurdles facing any hardware business, let alone a tech-connected product tussling with airline security, personal liability and ornery issues like damage and loss liability. Despite this the Intrude A Lock team built a strong proposition, got out of the room, engaged with aviation industry leaders and got a deal on the table in less than six weeks. If that’s not Venturing Up I don’t know what is.

Young Enterprise CEO Terry Shubkin adds,

Intrude A Lock is a great example of what can happen when you take the un-inhibited innovation that comes with youth, and couple that with a programme that provides structure, support and networks. It’s a great product which has been well-validated, and I can’t wait to see where the company goes next.

The Venture UP programme finished last week, but Intrude A Lock are going strong, and ramping up. They’re looking for a hardware developer and some seed capital, but most importantly, they’re looking for preorders and connections to potential channel partners. If you’re interested or can help out, contact the team.